/*
* Copyright Amazon.com, Inc. or its affiliates. All Rights Reserved.
*
* Licensed under the Apache License, Version 2.0 (the "License").
* You may not use this file except in compliance with the License.
* A copy of the License is located at
*
* http://aws.amazon.com/apache2.0
*
* or in the "license" file accompanying this file. This file is distributed
* on an "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either
* express or implied. See the License for the specific language governing
* permissions and limitations under the License.
*/
/*
* Do not modify this file. This file is generated from the acm-pca-2017-08-22.normal.json service model.
*/
using System;
using System.Collections.Generic;
using System.Xml.Serialization;
using System.Text;
using System.IO;
using System.Net;
using Amazon.Runtime;
using Amazon.Runtime.Internal;
namespace Amazon.ACMPCA.Model
{
///
/// Container for the parameters to the PutPolicy operation.
/// Attaches a resource-based policy to a private CA.
///
///
///
/// A policy can also be applied by sharing a private CA through Amazon Web Services Resource
/// Access Manager (RAM). For more information, see Attach
/// a Policy for Cross-Account Access.
///
///
///
/// The policy can be displayed with GetPolicy
/// and removed with DeletePolicy.
///
/// About Policies
///
///
-
///
/// A policy grants access on a private CA to an Amazon Web Services customer account,
/// to Amazon Web Services Organizations, or to an Amazon Web Services Organizations unit.
/// Policies are under the control of a CA administrator. For more information, see Using a
/// Resource Based Policy with Amazon Web Services Private CA.
///
///
-
///
/// A policy permits a user of Certificate Manager (ACM) to issue ACM certificates signed
/// by a CA in another account.
///
///
-
///
/// For ACM to manage automatic renewal of these certificates, the ACM user must configure
/// a Service Linked Role (SLR). The SLR allows the ACM service to assume the identity
/// of the user, subject to confirmation against the Amazon Web Services Private CA policy.
/// For more information, see Using
/// a Service Linked Role with ACM.
///
///
-
///
/// Updates made in Amazon Web Services Resource Manager (RAM) are reflected in policies.
/// For more information, see Attach
/// a Policy for Cross-Account Access.
///
///
///
public partial class PutPolicyRequest : AmazonACMPCARequest
{
private string _policy;
private string _resourceArn;
///
/// Gets and sets the property Policy.
///
/// The path and file name of a JSON-formatted IAM policy to attach to the specified private
/// CA resource. If this policy does not contain all required statements or if it includes
/// any statement that is not allowed, the PutPolicy action returns an InvalidPolicyException.
/// For information about IAM policy and statement structure, see Overview
/// of JSON Policies.
///
///
[AWSProperty(Required=true, Min=1, Max=20480)]
public string Policy
{
get { return this._policy; }
set { this._policy = value; }
}
// Check to see if Policy property is set
internal bool IsSetPolicy()
{
return this._policy != null;
}
///
/// Gets and sets the property ResourceArn.
///
/// The Amazon Resource Number (ARN) of the private CA to associate with the policy. The
/// ARN of the CA can be found by calling the ListCertificateAuthorities
/// action.
///
///
[AWSProperty(Required=true, Min=5, Max=200)]
public string ResourceArn
{
get { return this._resourceArn; }
set { this._resourceArn = value; }
}
// Check to see if ResourceArn property is set
internal bool IsSetResourceArn()
{
return this._resourceArn != null;
}
}
}